• /
  • EnglishEspañol日本語한국어Português
  • Inicia sesiónComenzar ahora

NR24-01 - Fluent Bit

Vulnerability Identifier: NR24-01

Priority: High

Summary

New Relic advises all customers using log forwarding instrumentation to update the following solutions:

  • Linux Infrastructure Agent AND Fluent Bit
  • Kubernetes Plugin
  • Fluent Bit Output Plugin

New Relic has released new versions of these services to eliminate a recently announced vulnerable version of Fluent Bit. Each identified service has been updated to use Fluent Bit version 3.0.4, which was released to remediate the identified vulnerability.

Customers who are using the Infrastructure Agent but have disabled log forwarding are not impacted.

Action required

New Relic is recommending that customers who use the log forwarding instrumentation (as identified below) immediately take the following Actions:

Solution

Action Required

Windows Infrastructure Agent

On Windows, the embedded version of Fluent Bit within the Windows Infrastructure Agent has been determined to not be impacted by CVE-2024-4323.

Linux Infrastructure Agent

Upgrade the Infrastructure Agent to version 1.52.3 or later, AND update Fluent Bit to version 3.0.4 or later

Kubernetes Plugin

Upgrade using either newrelic-logging-1.22.0 or nri-bundle-5.0.80

Fluent Bit Output Plugin

Update to version 2.0.0

New Relic has provided the following resources to assist with these updates:

New Relic has not identified any workarounds at this time.

Frequently Asked Questions

  1. I am using the Infrastructure Agent but have disabled log forwarding. Am I impacted?

    No, if log forwarding is disabled, the Infrastructure Agent will not run Fluent Bit and will not be impacted. However, New Relic recommends that you upgrade the agent regularly and check for updates at a minimum of every 3 months to ensure you are using a current version.

    Additionally, New Relic recommends that all customers identify any other uses of Fluent Bit in their environments and update them to at least version 3.0.4.

  2. Once I update to the latest versions of the listed log forwarding services, do I have to do anything else?

    Yes, but only if you are running Infrastructure Agents on Linux hosts. If you are running the Linux Infrastructure Agent, you will also need to update Fluent Bit within your environment to version 3.0.4 or later.

    There are no further configuration changes required to the Kubernetes Plugin or the Fluent Bit Output Plugin after updating to the most recent versions, although New Relic recommends that you periodically check your set configurations to make sure they match your desired settings.

Supporting Release Notes

Infrastructure Agent Release Notes

Logs Release Notes

Kubernetes Integration Release Notes

Fluent Bit Output Plugin Release Notes

Technical vulnerability information

CVE-2024-4323

Fluent Bit's Statement on CVE-2024-4323

Research Synopsis of CVE-2024-4323

Publication History

June 7, 2024 - NR24-01 Published

Copyright © 2024 New Relic Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.